On July 4, 2025, President Trump signed “The One Big Beautiful Bill Act” into law. While much attention has focused on the bill’s rejection of a proposed 10-year federal ban on state and local artificial intelligence (“AI”) regulation, the legislation also enacts sweeping new requirements with major implications for AI and technology companies. Key provisions include stringent restrictions on foreign influence in the AI supply chain, broad extraterritorial rules targeting “prohibited foreign entities,” enhanced domestic sourcing mandates, and rigorous supply chain integrity requirements. These measures present significant compliance and operational challenges, especially for multinational firms with global operations or foreign partners. This Alert highlights the most important aspects of the new law for companies in the AI sector, with a focus on the practical impact of foreign control restrictions, technology licensing limitations, and related compliance obligations.
1. Substantial Federal Investment in AI Infrastructure and R&D – With Strings Attached
The bill provides significant federal funding, grants, and tax incentives for companies investing in U.S.-based AI infrastructure, including data centers, semiconductor manufacturing, and AI research, with support from federal agencies. However, access to these funds is tightly conditioned on compliance with strict domestic content rules and prohibitions on involvement by “prohibited foreign entities” (as further discussed below). The new foreign entity of concern(“FEOC”)-related restrictions may cause companies that would otherwise be eligible for such tax credits to lose their eligibility due to ownership and supply chain issues. Therefore, robust beneficial ownership and supply chain due diligence and sourcing practices will be required to assess nexus points to “prohibited foreign entities,” notably from China, as noncompliance can result in loss of eligibility for federal support and enforcement actions. The result is a landscape of expanded funding opportunities, but only for those able to navigate and document compliance with rigorous sourcing and foreign influence restrictions.
2. New Restrictions on Foreign Influence and Supply Chain Integrity
The bill establishes sweeping restrictions on the involvement of “prohibited foreign entities” in federally supported AI, clean energy, and advanced manufacturing projects. Companies cannot claim credits if they engage in sourcing or licensing from, or significant payments to, a “prohibited foreign entity.” Among the key elements of the new limitations are:
- Broad Definition of Prohibited Foreign Entities: The bill defines “prohibited foreign entities” expansively to include not only companies owned or controlled by foreign governments or nationals from countries of concern, but also entities with significant foreign debt, contractual rights, or other forms of influence—such as through minority ownership, contractual rights, beneficial ownership, or supply chain relationships.
- Material Assistance and Indirect Involvement: The restrictions apply to both direct and indirect participation by prohibited foreign entities, including material assistance, ownership stakes, licensing agreements, and any contractual arrangements that could confer effective control or influence. The bill prohibits not only direct licensing or technology transfer to prohibited foreign entities, but also indirect arrangements—such as sublicensing, joint ventures, or supply chain relationships—if they result in material assistance or effective control by a prohibited foreign entity.
- Certification and Rigorous Documentation: Companies must obtain and retain detailed certifications from all suppliers and partners attesting that no prohibited foreign entity has material involvement in the production, development, or commercialization of the relevant technology or components. These certifications must be signed under penalty of perjury and are subject to federal audit.
- Restrictions Most Acute for Federally Supported Projects: The most stringent restrictions—such as loss of eligibility for federal tax credits, grants, and other benefits—apply to companies and projects that seek or receive federal support. For example, to qualify for advanced manufacturing, clean energy, or AI infrastructure credits, companies must demonstrate that no prohibited foreign entity has material involvement in their supply chain, technology, or operations.
- However, Broader Impact through Enforcement and Market Pressure: Although the direct legal prohibitions are tied to federal benefits, the bill’s definitions and compliance requirements have a de facto broader reach. Companies that do not seek federal support may still face indirect pressure to comply, as their customers, partners, or investors may require assurances of compliance to avoid jeopardizing their own eligibility for federal programs. The bill’s extended audit, reporting, and enforcement provisions mean that even companies not currently seeking federal benefits may be scrutinized if they later apply for such programs or if their products are integrated into federally supported projects.
- Extraterritorial and Supply Chain Reach: The restrictions are not limited to U.S. entities or activities. They apply to non-U.S. subsidiaries, affiliates, and supply chain partners if their involvement could result in material assistance or effective control by a prohibited foreign entity, especially where the end product or service is part of a federally supported project.
- Longer Periods for Federal Review: The statute of limitations for deficiencies related to foreign entity involvement is extended to six years, increasing the period during which companies may be subject to audit or enforcement actions.
- Expanded Audit and Penalty Provisions: The bill grants federal agencies broader authority to audit, investigate, and penalize companies for noncompliance, including substantial misstatements or failures to provide required certifications. Penalties for noncompliance or misstatements in certifications—whether intentional or inadvertent—can result in loss of federal benefits, disqualification from programs, and significant penalties, with enforcement extending to global operations.
3. Heightened Scrutiny of Technology Licensing and Intellectual Property
The bill expressly highlights for enhanced scrutiny licensing agreements and other arrangements that could give prohibited foreign entities effective control or access to critical AI and technology assets. The restrictions apply to technology licensing, contractual arrangements, and other forms of technology transfer to prohibited foreign entities.
The restrictions apply to a wide range of arrangements, including:
- Licensing of patents, copyrights, trade secrets and other intellectual property (“IP”).
- Contractual rights that allow a foreign entity to appoint key officers, direct operations, or control production.
- Royalty agreements, especially those with reversionary interests or long-term payment obligations.
- Any agreement that gives a foreign entity “effective control” over the use, production, or commercialization of technology, including through licensing, supply, or service contracts.
The same stringent certification and documentation requirements apply—Companies must obtain and retain detailed certifications from suppliers and partners regarding the absence of prohibited foreign entity involvement in the production of components, software, or intellectual property.
4. Practical Implications for AI and Technology Companies
A. Enhanced Reporting, Transparency, and Compliance Obligations
The new legislative framework demands that companies implement comprehensive, cross-functional compliance programs. Enhanced due diligence is essential—not only for direct ownership and control, but also for indirect influence through debt, contractual rights, and layered ownership structures. Companies must map their entire ownership and supply chain, including upstream and downstream partners, to identify any involvement by prohibited foreign entities. Practical steps may include:
- Establishing centralized compliance teams with responsibility for monitoring federal and state regulatory developments.
- Implementing robust internal controls and documentation processes to track ownership, supply chain relationships, and technology transfers.
- Regularly updating compliance policies to reflect evolving federal and state-level requirements, especially regarding data privacy, AI transparency, and biometric data.
- Training staff across legal, procurement, and business units to recognize and escalate potential compliance risks.
B. Mergers, Acquisitions, and Corporate Restructuring
M&A activity, joint ventures, and restructurings now require heightened scrutiny. Companies must conduct thorough pre-transaction due diligence to ensure that acquired entities, new partners, or restructured operations do not introduce prohibited foreign entity risks. This includes:
- Vetting all counterparties for direct or indirect foreign ownership, significant debt holdings, or contractual rights that could trigger foreign-influenced status.
- Including compliance representations, warranties, and indemnities in transaction documents.
- Being prepared to divest or restructure foreign interests, supply chain relationships, or contractual arrangements that jeopardize eligibility for federal benefits.
- Engaging with international counsel to navigate conflicting foreign and U.S. requirements, especially in cross-border deals.
C. Debt Arrangements, Particularly with Technology and IP as Collateral
The law’s reach extends beyond equity to significant debt arrangements. If a foreign entity holds 15% or more of a company’s debt, or has contractual rights over key assets (including intellectual property), the company may be classified as foreign-influenced and lose access to federal support. Companies that are subject to prohibited foreign entity restrictions should consider taking steps to:
- Avoid inadvertently granting security interests in critical IP to foreign entities, or structure such arrangements, if they exist, to prevent triggering compliance issues.
- Require lenders to provide certifications regarding their ownership and control, and include covenants that restrict transfers to prohibited foreign entities.
- Monitor ongoing compliance, as changes in debt ownership or collateral arrangements can have immediate regulatory consequences.
D. Public Companies and Complex Ownership Structures
Publicly traded companies, especially those with complex or international ownership, face unique challenges. Even minority stakes or indirect influence by foreign entities can create compliance obligations. Practical recommendations for compliance include:
- Conducting regular beneficial ownership analyses, including tracing through holding companies, trusts, and foreign exchanges.
- Disclosing and documenting all material ownership changes, and updating compliance assessments accordingly.
- Engaging with major shareholders to ensure transparency and cooperation in meeting federal reporting requirements.
- For companies listed on multiple exchanges, harmonizing compliance efforts to address both U.S. and foreign regulatory regimes.
E. Patchwork of Data Privacy, Online Safety and Responsible AI Governance Laws Continues
With the removal of the proposed federal moratorium, states retain broad authority to regulate AI, resulting in a growing patchwork of state and local laws on issues such as deepfakes, child safety, unauthorized use of likeness or voice, algorithmic transparency, data privacy, and biometric data. Companies must proactively monitor and adapt to this evolving landscape, ensuring compliance with diverse, and sometimes conflicting, state requirements. Compliance programs should be flexible and regularly updated to address new laws, especially for those operating in media, entertainment, or child-focused technology. Implementing technical safeguards and clear reporting mechanisms for misuse of AI-generated content is essential to mitigate risk and demonstrate good faith efforts in protecting consumers and upholding responsible AI governance.
Conclusion
The new law creates a demanding environment for AI and technology companies, requiring proactive, enterprise-wide compliance strategies. Companies must invest in due diligence, supply chain transparency, and ongoing monitoring to avoid the risk of losing federal benefits, facing enforcement actions or losing important partnerships. Technology licensing arrangements, M&A, debt, and restructuring activities must be carefully structured to avoid inadvertent violations.
